Anonymous Claims Network Breach of FBI Security Contractor ManTech

Anonymous continued with its string of attacks designed to embarrass the FBI, this time claiming to have breached the network of ManTech International, the FBI's cyber-security contractor.

As
promised, Anonymous has sought to embarrass the FBI with a network attack, this
time going after defense contractor ManTech International.
"Hacktivist"
collective Anonymous claims to have "owned" the defense contractor
ManTech International and promised to release the stolen information within 24
hours, according to a post on Twitter that appeared shortly after midnight on
July 29.

Some
documents have already been posted as "teasers," including a resume
of an individual with significant military and law enforcement background and a
statement of work memo for NATO Communication & Information Systems
Services Agency. About 500MB of files are expected to be released.

This
latest attack is in apparent retribution for the July 20 arrests of individuals
who are accused of participating in Anonymous group hacking attacks.
Earlier
this week, in the midst of news reports about British police arresting a suspected
member of hacker group LulzSec and regular updates on Twitter about people
canceling PayPal accounts in protest, Anonymous posted the following warning on
Twitter, "Also, tomorrow: Expect something nice. Looks like the FBI asked
for a slap in the face. Well, we can deliver. #FFF (On Thursday, who
cares)."
About
14 individuals were arrested on July 20in the United States for
participating in the Anonymous DDOS (distributed denial-of-service) campaign
against PayPal in Operation Payback in December. The FBI also arrested one
person accused of hacking into InfraGard Tampa and a customer support
contractor who downloaded confidential AT&T documents and provided them to
LulzSec.
The
group said the attacks will continue regardless of the arrests. "We are
not scared anymore. Any threats to arrest us are meaningless. We are past
threats. We just act. #AntiSec #FFFriday," the group posted via Twitter.
British
police also arrested two alleged members of LulzSec, and the Dutch National
Police Agency arrested four Anonymous members this month. In June, Spanish
authorities arrested three members and claimed to have shut down Anonymous
within the country, and Turkish police detained 32 individuals with alleged
links to the group.
ManTech
provides cyber-security services such round-the-clock intrusion-detection
monitoring, security engineering, and incident identification and response.
It's providing these services to the FBI's security division as part of a $99.5
million five-year contract. The company also provides vulnerability assessment
and penetration testing, cyber-threat analysis and specialized cyber-training
services.
Other
clients include the National Security Agency and the departments of Defense,
State and Homeland Security, among others.
"The
latest attack against ManTech following a string of attacks against other
defense and national security contractors shows that those charged with
defending our nation are also susceptible to the same attacks," Anup
Ghosh, CEO of Invincea, told eWEEK. "Make no mistake --
this is a failure of the security industry more than it is a failure of
ManTech, Booz Allen, Northrup Grumman, and the National Labs," Ghosh added.
Anonymous
dumped 90,000 passwords belonging to military personnel from consulting firm Booz
Allen Hamilton, exposed sensitive information belonging to agricultural
chemical and biotechnology company Monsanto
employees and stole more than 8GB of internal data from Italy's cyber-crime
police unit. Before it disbanded, LulzSec lifted and published internal
documents obtained during its attack on the Arizona
Department of Public Safety, breached two Websites belonging to FBI
partners InfraGard Atlanta and InfraGard Connecticut, and broke into
surveillance company Unveillance CEO's personal email account.